def send_message(request):
if not request.user.is_authenticated:
raise PermissionDenied
if request.user.user_type == 1:
return utils.raise_exception(request,
"Upgrade your account to send messages.")
utils.check_captcha(request)
friend_username = request.POST.get('friend_username', 'null')
if not username_exists(friend_username):
raise PermissionDenied
friend_user = CustomUser.objects.get(username=friend_username)
if request.user.user_type != 5 and not are_friend(request.user,
friend_user):
return utils.raise_exception(
request, "You are not allowed to send messages to strangers.")
message_text = request.POST.get("message_text", "null")
my_friends = get_friends(request.user)
Private_Message.objects.create(sender=request.user,
receiver=friend_user,
message=message_text)
context = {'my_friends': my_friends}
context['chats'] = getAllMessages(user1=request.user, user2=friend_user)
context['friend_username'] = friend_username
context['display_message_box'] = True
return HttpResponseRedirect(
reverse('private_message:friends_message_username',
kwargs={'friend_username': friend_username}))
def friend_timeline(request, friend_username):
if not request.user.is_authenticated:
raise PermissionDenied
if not username_exists(friend_username):
raise PermissionDenied
if request.user.username == friend_username:
return HttpResponseRedirect(reverse('friends:timeline'))
friend = CustomUser.objects.get(username=friend_username)
if not are_friend(request.user,
friend) and friend.timeline_view_level == 0:
return utils.raise_exception(
request, "You are not allowed to view the timeline.")
all_posts = Post.objects.filter(
recipient_name=friend_username).order_by('-post_date')
can_post = (friend.timeline_post_level == 1) or are_friend(
request.user, friend)
context = {
'friend_username': friend_username,
'all_posts': all_posts,
'can_post': can_post
}
return render(request, 'friend_timeline.html', context=context)
def accept(request):
if not request.user.is_authenticated:
raise PermissionDenied
# print("hiiiiiiii")
friend_id = request.POST.get('friend', 'default')
if not user_id_exists(friend_id):
raise PermissionDenied
# if not CustomUser.objects.filter(id=friend_id).exists():
# raise SuspiciousOperation("Please be in limits.")
friend = CustomUser.objects.get(id=friend_id)
if are_friend(request.user, friend):
raise PermissionDenied
row = Friend.objects.get(creator_id=friend_id,
follower_id=request.user.id,
confirmed=False)
row.confirmed = True
row.save()
# print("hi")
# print(Friend.objects.get(creator_id=friend_id,follower_id=request.user.id).confirmed)
return HttpResponseRedirect(reverse('friends:friends'))
def add_post_friend(request, friend_username):
# TODO add checks
if not request.user.is_authenticated:
raise PermissionDenied
# friend = None
# try:
# friend = CustomUser.objects.get(username=friend_username)
# except:
# raise PermissionDenied
utils.check_captcha(request)
if not username_exists(friend_username):
raise PermissionDenied
friend = CustomUser.objects.get(username=friend_username)
if not are_friend(request.user, friend):
raise PermissionDenied
author_name = request.user.username
recipient_name = friend_username
post_text = request.POST.get('post_text', "N/A")
Post.objects.create(author_name=author_name,
recipient_name=recipient_name,
post_text=post_text)
return redirect('friends:friend_timeline', friend_username=friend_username)
def add_friend(request):
# print(request.user.id)
if not request.user.is_authenticated:
raise PermissionDenied
friend_id = request.POST.get('friend', 'default')
if not CustomUser.objects.filter(id=friend_id).exists():
raise PermissionDenied
if request.user.id == friend_id:
raise PermissionDenied
friend = CustomUser.objects.get(id=friend_id)
if are_friend(request.user, friend):
raise PermissionDenied
obj1 = list(
Friend.objects.filter(creator_id=request.user.id,
follower_id=friend_id))
obj2 = list(
Friend.objects.filter(follower_id=request.user.id,
creator_id=friend_id))
if len(obj1) == 0 and len(obj2) == 0:
Friend.objects.create(creator_id=request.user.id,
follower_id=friend_id,
confirmed=False)
return HttpResponseRedirect(reverse('friends:friends'))
def transfer(request):
if not request.user.is_authenticated:
raise PermissionDenied
if request.method == 'POST':
if (request.user.user_ongoing_transaction):
django.contrib.auth.logout(request)
return HttpResponseRedirect(reverse('logout'))
request.user.user_ongoing_transaction = True
# request.user.user_ongoing_transaction = False
request.user.save()
user2_username = request.POST.get("username", "null")
user2 = CustomUser.objects.get(username=user2_username)
amount = 0
try:
amount = int(request.POST.get("amount", "null"))
except:
message = 'Please enter valid input.'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
if(user2.username=='admin'):
message = 'You Cannot Send Money To Admin'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse('''<h1>You Cannot Send Money To Admin<br><a href="wallet_home">GO BACK</a>''')
user1 = request.user
# print(request.user.user_last_transaction)
# print((datetime.now() - timecheck).seconds)
am = amount
if (am <= 0):
message = 'Positive value required'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse('''<h1>Positive value required<br><a href="wallet_home">GO BACK</a>''')
if user1.user_type != 5 and not are_friend(user1, user2):
return utils.raise_exception(request, "Become a commercial user to send money to strangers.")
if (user1.username == user2.username):
message = 'You cannot transfer money to yourself'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse(
# "<h1>You cannot transfer money to yourself<br><a href='wallet_home'>GO BACK</a>")
if user1.user_no_of_transactions + 1 > user1.user_no_of_transactions_allowed: # MAX LIMIT ----> CHANGE
message = 'You have reached max. transaction limit'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse(
# "<h1>You have reached max. transaction limit<br><a href='wallet_home'>GO BACK</a>")
if (am > user1.user_balance):
message = 'Insufficient Balance to transfer entered amount'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse(
# "<h1>Insufficient Balance to transfer entered amount<br><a href='wallet_home'>GO BACK</a>")
timecheck = datetime.strptime(user1.user_last_transaction_for_begin, "%d-%b-%Y (%H:%M:%S.%f)")
if ((datetime.now() - timecheck).seconds < 80):
message = 'Try after 80 seconds'
d = {}
d['message'] = message
request.user.user_ongoing_transaction = False
request.user.save()
return render(request, 'display_message_1.html', context=d)
# return HttpResponse("<h1>Try after 80 seconds<br><a href='wallet_home'>GO BACK</a>")
# user1.user_last_transaction_for_begin = datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)")
# user1.save()
# totp = pyotp.TOTP('base32secret3232')
curr_otp = getOTP()
# request.session['date_time'] = str(datetime.datet)
# print(curr_otp)
# print(curr_otp)
send_mail('SocPay | NoReply', 'Your OTP is : ' + str(curr_otp), '*****@*****.**', [user1.email], fail_silently=False)
user1.user_last_transaction_for_begin = datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)")
user1.save()
request.session['user1'] = user1.username
request.session['user2'] = user2.username
request.session['am'] = str(am)
request.session['curr_otp'] = str(curr_otp)
request.session['time'] = datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)")
return render(request, 'otp_tranfer.html')
# return HttpResponseRedirect('/thanks/')
else:
all_friends = get_friends(request.user)
if (request.user.user_ongoing_transaction):
django.contrib.auth.logout(request)
return HttpResponseRedirect(reverse('logout'))
if request.user.user_type == 5:
all_friends = CustomUser.objects.filter(~Q(username="******")) & CustomUser.objects.filter(~Q(username=request.user.username))
context = {'all_friends':all_friends}
return render(request, 'transfer_money.html', context=context)